A Research On Deep Hiding Technologies Of Hardware Trojan

Integrated Circuit(IC)was an important cornerstone of the construction of a modern informatization and intelligent society.It plays an irreplaceable role in both military and civilian fields.The rapid development of global semiconductor design,manufacturing processes,and the globalization of the industrial chain make hardware security incidents occur more frequently.Increasing numbers of hackers have begun to use hardware Trojan(HT)to achieve malicious damage around the world.Many countries,including the United States and the European countries,continue to explore new hardware hacking technologies to enhance their own hardware attack capabilities and threaten the security of military and civilian information equipment that uses chips.Therefore,our country urgently needs to form a security system integrating hardware attack,detection and defense to enhance our country’s information security defense capabilities.However,current research focuses mostly on hardware Trojan detection,and there is a lack of an effective hardware Trojan test set.This thesis studies the deep hiding technology of hardware Trojans.It aims to form a systematic hardware Trojan logic design method and a multi-dimensional hardware Trojan circuit hiding method.The objectives of this thesis are as follow:(1)Reviewing of concepts related to the research content.An overview of the design principles of integrated circuits and HT were introduced.The structure of the HT was analyzed.The classification of HTs,the common methods of HT detection,and HT designs were summarized.(2)Proposing the code-level HT deep hiding technology.The two main code-level HT detection technologies focused in the thesis were coverage detection and unused circuit identification(UCI).A systematic code-level hardware Trojan construction method which can effectively avoid the above two detection methods was proposed in this thesis.First of all,the detection principles of coverage detection and unused circuit identification were deeply studied and analyzed in this thesis.Then,their detection boundaries were explored respectively,a hardware Trojan hidden model was established to define the countermeasures for the hardware Trojan to evade coverage detection;by referring to the pipeline structure,the Trojan payload structure was defined to achieve anti-UCI detection.Lastly,through a comparison experiment with the Trust-Hub test set commonly used in the hardware security industry,The results show that the hardware Trojan design method proposed in this thesis was higher than the three types of coverage detection(Line,Branch,FSM)99%,and can avoid UCI detection 100%,the experiment involves four types of chips and three types of HTs.(3)Proposing the netlist-level hardware Trojan deep hiding technology.The two main netlist-level HT detection technologies focused in the thesis were Controllability and Observability for hardware Trojan detection(COTD)and Information Flow Tracking(IFT).A systematic netlist-level hardware Trojan construction method which can effectively avoid the above two detection methods was proposed in this thesis.First of all,the detection principles of COTD and IFT were deeply studied and analyzed in this thesis.Then,their detection boundaries were explored respectively.By analyzing the signal node flip rate and the distribution of measurable values of the netlist circuit,the design guidelines of the Trojan trigger circuit was summarized to achieve anti-COTD detection;in the IFT detection,by studying the flow of the taint tag in the GLIFT logic,the design guidelines of the Trojan payload circuit was summarized to achieve anti-IFT detection.Lastly,by testing fourteen experimental samples(part of the samples are obtained by changing the trigger structure of the commonly used test set in the hardware security industry,and the other part of the samples are obtained according to the netlist-level hardware Trojan design process),the experimental results show that our test set can avoid COTD detection and IFT detection 100%,and the experiment involves four types of chips and three types of HTs.